US7930738B1 - Method and apparatus for secure execution of code - Google Patents

Method and apparatus for secure execution of code Download PDF

Info

Publication number
US7930738B1
US7930738B1 US11144512 US14451205A US7930738B1 US 7930738 B1 US7930738 B1 US 7930738B1 US 11144512 US11144512 US 11144512 US 14451205 A US14451205 A US 14451205A US 7930738 B1 US7930738 B1 US 7930738B1
Authority
US
Grant status
Grant
Patent type
Prior art keywords
code
section
trusted
privilege
level
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US11144512
Inventor
Scott E. Petersen
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Adobe Systems Inc
Original Assignee
Adobe Systems Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Grant date

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2105Dual mode as a secondary aspect

Abstract

One embodiment of the present invention provides a system that facilitates secure execution of code. During operation, the system executes a section of code. Upon executing an instruction that raises a privilege of the section of code, the system checks if the section of code is trusted, wherein trusted code is allowed to raise the privilege and non-trusted code is not allowed to raise the privilege. If so, the system raises the privilege of the section of code and executes the section of code. After the section of code is executed, the system then lowers the privilege of the section of code.

Description

BACKGROUND

1. Field of the Invention

The present invention relates to computer systems. More specifically, the present invention relates to a method and an apparatus for facilitating the secure execution of code within a computer system.

2. Related Art

Since the early years of computer programming, computer designers have strived to create open platforms with robust feature sets while minimizing the ability for hackers to execute malicious code. To this end, programmers have created the notion of “privileged” code to help safeguard against the malicious use of code. In theory, the programmers must specifically mark privileged code, and only code that is marked as privileged is allowed to execute potentially dangerous functions. In practice, however, hackers are able to fool such systems into thinking that their code is privileged through various methods. For example, many hackers exploit privilege inheritance vulnerabilities to gain access to higher privileges. Essentially, they fool the system into calling their code from a privileged function, and in turn, their code inherits the access level of the calling function.

Another way in which hackers can fool the system into executing their rogue code is by replacing a system function with their own corresponding function. Subsequently, when the system attempts to execute the system function, the hacker's function executes instead; often times with all of the access rights of the replaced system function.

It is possible to manually inspect code to identify such vulnerabilities and compromised code. However, with all of the different levels of privilege inheritance, and all of the complex procedure calls, it can be very easy to overlook potential problems.

Hence, what is needed is a method and an apparatus for securely executing code without the problems described above.

SUMMARY

One embodiment of the present invention provides a system that facilitates secure execution of code. During operation, the system executes a section of code. Upon executing an instruction that raises a privilege of the section of code, the system checks if the section of code is trusted, wherein trusted code is allowed to raise the privilege and non-trusted code is not allowed to raise the privilege. If so, the system raises the privilege of the section of code and executes the section of code. After the section of code is executed, the system then lowers the privilege of the section of code.

In a variation of this embodiment, raising the privilege of the section of code involves setting a privilege bit for the section of code on a stack.

In a variation of this embodiment, checking if the section of code is trusted further involves determining if a function containing the section of code is trusted by checking it against a core library of trusted functions.

In a variation of this embodiment, checking if the section of code is trusted further involves determining if a function containing the section of code is a trust propagator. If so, the system examines a preceding stack frame on the stack to determine if a preceding function which called the function is trusted.

In a variation of this embodiment, the section of code is written in a scripting language that is executed by an interpreter.

In a further variation, the scripting language is JavaScript.

In a variation of this embodiment, the section of code is embedded in an Adobe® Portable Document Format (PDF) document.

BRIEF DESCRIPTION OF THE FIGURES

FIG. 1 presents a flowchart illustrating the process of securely executing code in accordance with an embodiment of the present invention.

FIG. 2 presents a flowchart illustrating the process of determining the trust level of a function in accordance with an embodiment of the present invention.

FIG. 3 illustrates a computer system with secure code execution in accordance with an embodiment of the present invention.

DETAILED DESCRIPTION

The following description is presented to enable any person skilled in the art to make and use the invention, and is provided in the context of a particular application and its requirements. Various modifications to the disclosed embodiments will be readily apparent to those skilled in the art, and the general principles defined herein may be applied to other embodiments and applications without departing from the spirit and scope of the present invention. Thus, the present invention is not intended to be limited to the embodiments shown, but is to be accorded the widest scope consistent with the principles and features disclosed herein.

The data structures and code described in this detailed description are typically stored on a computer readable storage medium, which may be any device or medium that can store code and/or data for use by a computer system.

This includes, but is not limited to, magnetic and optical storage devices such as disk drives, magnetic tape, CDs (compact discs) and DVDs (digital versatile discs or digital video discs), and computer instruction signals embodied in a transmission medium (with or without a carrier wave upon which the signals are modulated). For example, the transmission medium may include a communications network, such as the Internet.

Overview

There are several ways of achieving transition between privileged and unprivileged code that are used today. It is common, through various means, to give a function (or method or whatever you want to call it) privilege regardless of how it is called. A typical example is the native code backing a JavaScript method that is available to web pages in a browser. Nefarious JavaScript code can alter the native code or leverage the native code to gain unauthorized access.

The reverse can also be true. Native code might set some state that allows JavaScript executing while that state is set to have more privilege than it normally would. This is typical of an application that is written partly in a scripting language, which is also available to dubious sources like web pages or Adobe® Portable Document Format (PDF) files.

Mixing and matching privilege in is inherently dangerous. In most scenarios, accidental privilege ‘leakage’ is a serious concern. Most techniques for determining if the code is secure require full static analysis to decide if privilege is leaking. In addition, code from third parties is often error prone and hard to audit.

Rather than granting privilege to something as coarse as a function, in one embodiment of the present invention, privilege is explicitly raised (additional capabilities are granted) for a small number of lines of code. This helps to ensure that privilege is raised only for the operations that truly require raised privilege. In addition, privilege is not inherited by functions called while privilege is raised. This drastically reduces the opportunity for privilege leakage.

Each function must explicitly raise privilege regardless of whether or not code with privilege is calling it. In addition, only in two cases is a function allowed to raise privilege. The first case is an explicitly trusted function. An explicitly trusted function can manipulate privilege as it sees fit. A trusted function would generally be a function that performs an operation that is not exploitable overall but may require privilege for certain steps of its operation. Note that the trusted function must still explicitly raise privilege and functions that it calls are not necessarily trusted or privileged. In one embodiment of the present invention, an explicitly trusted function is indicated as such in an core library that cannot be altered by the executing code. In this manner, there is no way that executing code can mark itself as explicitly trusted.

The second case is “trust-propagating functions.” These function are allowed to manipulate privilege only if called by either a trusted function or by another trust propagator that has received propagated trust from a trusted function. Note that any number of trust propagators can be chained after a trusted function and are still able to propagate privilege. Note that a trust propagator function is typically be used to implement auxiliary behaviors for a trusted function.

Since privilege is not inherited, and trust is inherited only by functions explicitly marked as able to inherit trust, rogue code is by definition incapable of gaining privilege. Furthermore, privileged operations must always be performed when privileged is explicitly raised. In this way, auditing becomes a simple matter of searching a codebase for whatever method or construct raises privilege. It is even perfectly safe for a trusted function to call another function provided by a dubious source like a PDF file even if the trusted function has raised privilege. In this case, the function would not be trusted or be a trust propagator, and any privilege would not be inherited.

In one embodiment of the present invention, the Acrobat™ application uses the described methods for JavaScript privilege management. The system simply sets private data on function objects indicating if they are trusted or are trust propagator functions. When privilege is raised, the system sets private data on the JavaScript execution engine's stack frame objects to indicate that the currently executing stack frame has privilege.

Secure Execution of Code

FIG. 1 presents a flowchart illustrating the process of secure execution of code in accordance with an embodiment of the present invention. The system starts by attempting to execute code that raises privilege (step 102). The system then determines if the currently executing function is trusted (step 104). Note that determining trust is explained in detail in FIG. 3. If the currently executing function is indeed trusted, the system sets a privileged bit on the stack frame (step 106). Note that implementing this technique through the stack frame is important because the stack frame cannot be manipulated directly by the code executing within the system. Only the native code of the system itself can manipulate the stack frame. If such code was able to manipulate the stack directly, then it would already have access ability well beyond the scope of the present invention and could carry out any number of nefarious activities.

If the currently executing instruction is not trusted, then the system throws a security exception (step 108) and subsequently does not execute the code. Optionally, the system can carry out any number of activities when non-trusted code attempts to raise privilege, such as notifying the user, notifying an administrator, and creating an entry in a security log.

Determining Function Trust Level

FIG. 2 presents a flowchart illustrating the process of determining trust level of a function in accordance with an embodiment of the present invention. The system starts by determining if the function is marked as trusted by checking the function against a core library (step 202). If so, the system returns that the function is trusted (step 204). However, if the function is not marked as trusted, the system then determines if the function is a trust propagator (step 206). If so, the system moves up one stack frame (step 208) and starts over at step 202, determining if the new function is trusted. If at any point before determining that the function is trusted the system determines that the function is not a trust propagator, then the system reports that the function is not trusted (step 210). In short, in order to be trusted, the function needs to be marked as trusted, or be part of an unbroken chain of trust propagators to a function that is trusted.

Computer System with Secure Code Execution

FIG. 3 illustrates a computer system 300 with secure code execution in accordance with an embodiment of the present invention. Computer system 300 can generally include any type of computer system, including, but not limited to, a computer system based on a microprocessor, a mainframe computer, a digital signal processor, a portable computing device, a personal organizer, a device controller, and a computational engine within an appliance.

Computer system 300 includes the Adobe Acrobat application 312 that is used to create and display Adobe® Portable Document Format (PDF) documents, such as PDF 302. In addition, PDF document may contain some scripting language code such as JavaScript 304.

Adobe Acrobat™ application 312 includes JavaScript 314, JavaScript interpreter 316 (for interpreting JavaScript 314, as well as JavaScript 304 when PDF 302 is opened by Adobe Acrobat™ application 312), and Acrobat™ core library 318. In the past, hackers could potentially fool Adobe Acrobat™ application 312 into executing malicious code by placing the malicious code into JavaScript 304 and opening PDF 302 in Adobe Acrobat™ application 312. In one embodiment of the present invention, Adobe Acrobat™ application 312 safeguards itself by using the methods described in FIGS. 1 and 2. All code in JavaScript 304 and 314 must explicitly raise privilege when executing code that requires higher access. In order to raise privilege, the executing code must be either explicitly trusted in Acrobat™ core library 318, or must be a trust propagator and be part of an unbroken chain of trust propagators back to a function that is trusted by Acrobat™ core library 318. Note that Acrobat™ core library 318 cannot be modified by JavaScript 304 or JavaScript 314.

The specification discusses code that is either trusted or not trusted by checking a single privilege bit. Note that the present invention is not limited to a binary trusted/not trusted operation or a single bit. In one embodiment of the present invention, multiple privilege bits are used for each function to determine various levels of trust.

The foregoing descriptions of embodiments of the present invention have been presented for purposes of illustration and description only. They are not intended to be exhaustive or to limit the present invention to the forms disclosed. Accordingly, many modifications and variations will be apparent to practitioners skilled in the art. Additionally, the above disclosure is not intended to limit the present invention. The scope of the present invention is defined by the appended claims.

Claims (20)

1. A method, comprising:
executing a trusted section of code on a computer, said executing comprising executing one or more instructions to explicitly raise a privilege level of the trusted section of code to an elevated privilege level, wherein:
the elevated privilege level is necessary to execute a restricted function that is not executable by the trusted section of code before raising the privilege level to the elevated level, and
the raising of privilege level is dependent, at least in part, on determining that the trusted section of code is trusted to raise the privilege level to the elevated level; and:
while the privilege level of the trusted section of code is at the elevated level, the trusted section of code invoking a given function comprising a second section of code, wherein the second section of code does not inherit from the trusted section, the elevated privilege level necessary to execute the restricted function.
2. The method of claim 1, wherein raising the privilege level involves setting a privilege bit for the trusted section of code on a call stack of a computer program.
3. The method of claim 1, wherein the determination that the trusted section of code is trusted is dependent, at least in part, on determining that a function comprising the trusted section of code is indicated as explicitly trusted in a core library that cannot be modified by the trusted section of code.
4. The method of claim 1, further comprising:
executing one or more instructions in the second section of code to explicitly raise a level of privilege of the second section of code to the elevated privilege level necessary to execute the restricted function;
wherein the raising is dependent, at least in part, on a determination that the second section of code is trusted to raise the privilege level to the elevated level;
wherein the determination that the second section of code is trusted is dependent, at least in part, on:
determining that the function comprising the second section of code is a trust propagator; and
determining that the trusted section of code that invoked the function is trusted.
5. The method of claim 1, wherein the trusted section of code or the second section of code is written in a scripting language that is executed by an interpreter.
6. The method of claim 5, wherein the scripting language is JavaScript.
7. The method of claim 1, wherein the trusted section of code or the second section of code is embedded in an Adobe® Portable Document Format (PDF) document.
8. A computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method comprising:
executing a trusted section of code on a computer, said executing comprising executing one or more instructions to explicitly raise a privilege level of the trusted section of code to an elevated privilege level, wherein:
the elevated privilege level is necessary to execute a restricted function that is not executable by the trusted section of code before raising the privilege level to the elevated level, and
the raising of privilege level is dependent, at least in part, on determining that the trusted section of code is trusted to raise the privilege level to the elevated level; and:
while the privilege level of the trusted section of code is at the elevated level, the trusted section of code invoking a given function comprising a second section of code, wherein the second section of code does not inherit from the trusted section, the elevated privilege level necessary to execute the restricted function.
9. The computer-readable storage medium of claim 8, wherein raising the privilege level involves setting a privilege bit for the trusted section of code on a call stack of a computer program.
10. The computer-readable storage medium of claim 8, wherein the determination that the trusted section of code is trusted is dependent, at least in part, on determining that a function comprising the trusted section of code is indicated as explicitly trusted in a core library that cannot be modified by the trusted section of code.
11. The computer-readable storage medium of claim 8, wherein the method further comprises:
executing one or more instructions in the second section of code to explicitly raise a level of privilege of the second section of code to the elevated privilege level necessary to execute the restricted function;
wherein the raising is dependent, at least in part, on a determination that the second section of code is trusted to raise the privilege level to the elevated level;
wherein the determination that the second section of code is trusted is dependent, at least in part, on:
determining that the function comprising the second section of code is a trust propagator; and
determining that the trusted section of code that invoked the function is trusted.
12. The computer-readable storage medium of claim 8, wherein the trusted section of code or the second section of code is written in a scripting language that is executed by an interpreter.
13. The computer-readable storage medium of claim 12, wherein the scripting language is JavaScript.
14. The computer-readable storage medium of claim 8, wherein the trusted section of code or the second section of code is embedded in an Adobe® Portable Document Format (PDF) document.
15. A computer, comprising:
a computer-readable storage medium storing instructions thereon for implementing a method comprising:
executing a trusted section of code on a computer, said executing comprising executing one or more instructions to explicitly raise a privilege level of the trusted section of code to an elevated privilege level, wherein:
the elevated privilege level is necessary to execute a restricted function that is not executable by the trusted section of code before raising the privilege level to the elevated level, and
the raising of privilege level is dependent, at least in part, on determining that the trusted section of code is trusted to raise the privilege level to the elevated level; and:
while the privilege level of the trusted section of code is at the elevated level, the trusted section of code invoking a given function comprising a second section of code, wherein the second section of code does not inherit from the trusted section, the elevated privilege level necessary to execute the restricted function.
16. The computer of claim 15, wherein raising the privilege level involves setting a privilege bit for the trusted section of code on a call stack of a computer program.
17. The computer of claim 15, wherein the determination that the trusted section of code is trusted is dependent, at least in part, on determining that a function comprising the trusted section of code is indicated as explicitly trusted in a core library that cannot be modified by the trusted section of code.
18. The computer of claim 15, wherein the method further comprises:
executing one or more instructions in the second section of code to explicitly raise a level of privilege of the second section of code to the elevated privilege level necessary to execute the restricted function;
wherein the raising is dependent, at least in part, on a determination that the second section of code is trusted to raise the privilege level to the elevated level;
wherein the determination that the second section of code is trusted is dependent, at least in part, on:
determining that the function comprising the second section of code is a trust propagator; and
determining that the trusted section of code that invoked the function is trusted.
19. The computer of claim 15, wherein the trusted section of code or the second section of code is written in a scripting language that is executed by an interpreter.
20. The computer of claim 15, wherein the trusted section of code or the second section of code is embedded in an Adobe® Portable Document Format (PDF) document.
US11144512 2005-06-02 2005-06-02 Method and apparatus for secure execution of code Active 2028-08-19 US7930738B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US11144512 US7930738B1 (en) 2005-06-02 2005-06-02 Method and apparatus for secure execution of code

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US11144512 US7930738B1 (en) 2005-06-02 2005-06-02 Method and apparatus for secure execution of code

Publications (1)

Publication Number Publication Date
US7930738B1 true US7930738B1 (en) 2011-04-19

Family

ID=43858760

Family Applications (1)

Application Number Title Priority Date Filing Date
US11144512 Active 2028-08-19 US7930738B1 (en) 2005-06-02 2005-06-02 Method and apparatus for secure execution of code

Country Status (1)

Country Link
US (1) US7930738B1 (en)

Cited By (71)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100115621A1 (en) * 2008-11-03 2010-05-06 Stuart Gresley Staniford Systems and Methods for Detecting Malicious Network Content
US20100192223A1 (en) * 2004-04-01 2010-07-29 Osman Abdoul Ismael Detecting Malicious Network Content Using Virtual Environment Components
US20110078794A1 (en) * 2009-09-30 2011-03-31 Jayaraman Manni Network-Based Binary File Extraction and Analysis for Malware Detection
US20110247072A1 (en) * 2008-11-03 2011-10-06 Stuart Gresley Staniford Systems and Methods for Detecting Malicious PDF Network Content
US8881282B1 (en) 2004-04-01 2014-11-04 Fireeye, Inc. Systems and methods for malware attack detection and identification
US8898788B1 (en) 2004-04-01 2014-11-25 Fireeye, Inc. Systems and methods for malware attack prevention
US8984638B1 (en) 2004-04-01 2015-03-17 Fireeye, Inc. System and method for analyzing suspicious network data
US8990944B1 (en) 2013-02-23 2015-03-24 Fireeye, Inc. Systems and methods for automatically detecting backdoors
US9009823B1 (en) 2013-02-23 2015-04-14 Fireeye, Inc. Framework for efficient security coverage of mobile software applications installed on mobile devices
US9009822B1 (en) 2013-02-23 2015-04-14 Fireeye, Inc. Framework for multi-phase analysis of mobile applications
US9027135B1 (en) 2004-04-01 2015-05-05 Fireeye, Inc. Prospective client identification using malware attack detection
US9104867B1 (en) 2013-03-13 2015-08-11 Fireeye, Inc. Malicious content analysis using simulated user interaction without user involvement
US9106694B2 (en) 2004-04-01 2015-08-11 Fireeye, Inc. Electronic message analysis for malware detection
US9159035B1 (en) 2013-02-23 2015-10-13 Fireeye, Inc. Framework for computer application analysis of sensitive information tracking
US9171160B2 (en) 2013-09-30 2015-10-27 Fireeye, Inc. Dynamically adaptive framework and method for classifying malware using intelligent static, emulation, and dynamic analyses
US9176843B1 (en) 2013-02-23 2015-11-03 Fireeye, Inc. Framework for efficient security coverage of mobile software applications
US9189627B1 (en) 2013-11-21 2015-11-17 Fireeye, Inc. System, apparatus and method for conducting on-the-fly decryption of encrypted objects for malware detection
US9189621B2 (en) 1996-11-08 2015-11-17 Finjan, Inc. Malicious mobile code runtime monitoring system and methods
US9197664B1 (en) 2004-04-01 2015-11-24 Fire Eye, Inc. System and method for malware containment
US9195829B1 (en) 2013-02-23 2015-11-24 Fireeye, Inc. User interface with real-time visual playback along with synchronous textual analysis log display and event/time index for anomalous behavior detection in applications
US9219755B2 (en) 1996-11-08 2015-12-22 Finjan, Inc. Malicious mobile code runtime monitoring system and methods
US9223972B1 (en) 2014-03-31 2015-12-29 Fireeye, Inc. Dynamically remote tuning of a malware content detection system
US9241010B1 (en) 2014-03-20 2016-01-19 Fireeye, Inc. System and method for network behavior detection
US9251343B1 (en) 2013-03-15 2016-02-02 Fireeye, Inc. Detecting bootkits resident on compromised computers
US9262635B2 (en) 2014-02-05 2016-02-16 Fireeye, Inc. Detection efficacy of virtual machine-based analysis with application specific events
US9294501B2 (en) 2013-09-30 2016-03-22 Fireeye, Inc. Fuzzy hash of behavioral results
US9300686B2 (en) 2013-06-28 2016-03-29 Fireeye, Inc. System and method for detecting malicious links in electronic messages
US9306974B1 (en) 2013-12-26 2016-04-05 Fireeye, Inc. System, apparatus and method for automatically verifying exploits within suspect objects and highlighting the display information associated with the verified exploits
US9306960B1 (en) 2004-04-01 2016-04-05 Fireeye, Inc. Systems and methods for unauthorized activity defense
US9311479B1 (en) 2013-03-14 2016-04-12 Fireeye, Inc. Correlation and consolidation of analytic data for holistic view of a malware attack
US9356944B1 (en) 2004-04-01 2016-05-31 Fireeye, Inc. System and method for detecting malicious traffic using a virtual machine configured with a select software environment
US9355247B1 (en) 2013-03-13 2016-05-31 Fireeye, Inc. File extraction from memory dump for malicious content analysis
US9363280B1 (en) 2014-08-22 2016-06-07 Fireeye, Inc. System and method of detecting delivery of malware using cross-customer data
US9367681B1 (en) 2013-02-23 2016-06-14 Fireeye, Inc. Framework for efficient security coverage of mobile software applications using symbolic execution to reach regions of interest within an application
US9398028B1 (en) 2014-06-26 2016-07-19 Fireeye, Inc. System, device and method for detecting a malicious attack based on communcations between remotely hosted virtual machines and malicious web servers
US9430646B1 (en) 2013-03-14 2016-08-30 Fireeye, Inc. Distributed systems and methods for automatically detecting unknown bots and botnets
US9432389B1 (en) 2014-03-31 2016-08-30 Fireeye, Inc. System, apparatus and method for detecting a malicious attack based on static analysis of a multi-flow object
US9438613B1 (en) 2015-03-30 2016-09-06 Fireeye, Inc. Dynamic content activation for automated analysis of embedded objects
US9438623B1 (en) 2014-06-06 2016-09-06 Fireeye, Inc. Computer exploit detection using heap spray pattern matching
US9483644B1 (en) 2015-03-31 2016-11-01 Fireeye, Inc. Methods for detecting file altering malware in VM based analysis
US9495180B2 (en) 2013-05-10 2016-11-15 Fireeye, Inc. Optimized resource allocation for virtual machines within a malware content detection system
US9536091B2 (en) 2013-06-24 2017-01-03 Fireeye, Inc. System and method for detecting time-bomb malware
US20170024571A1 (en) * 2015-07-23 2017-01-26 Ca, Inc. Executing privileged code in a process
US9565202B1 (en) 2013-03-13 2017-02-07 Fireeye, Inc. System and method for detecting exfiltration content
US9591015B1 (en) 2014-03-28 2017-03-07 Fireeye, Inc. System and method for offloading packet processing and static analysis operations
US9594904B1 (en) 2015-04-23 2017-03-14 Fireeye, Inc. Detecting malware based on reflection
US9594912B1 (en) 2014-06-06 2017-03-14 Fireeye, Inc. Return-oriented programming detection
US9628498B1 (en) 2004-04-01 2017-04-18 Fireeye, Inc. System and method for bot detection
US9626509B1 (en) 2013-03-13 2017-04-18 Fireeye, Inc. Malicious content analysis with multi-version application support within single operating environment
US9628507B2 (en) 2013-09-30 2017-04-18 Fireeye, Inc. Advanced persistent threat (APT) detection center
US9635039B1 (en) 2013-05-13 2017-04-25 Fireeye, Inc. Classifying sets of malicious indicators for detecting command and control communications associated with malware
US9690936B1 (en) 2013-09-30 2017-06-27 Fireeye, Inc. Multistage system and method for analyzing obfuscated content for malware
US9690933B1 (en) 2014-12-22 2017-06-27 Fireeye, Inc. Framework for classifying an object as malicious with machine learning for deploying updated predictive models
US9690606B1 (en) 2015-03-25 2017-06-27 Fireeye, Inc. Selective system call monitoring
US9736179B2 (en) 2013-09-30 2017-08-15 Fireeye, Inc. System, apparatus and method for using malware analysis results to drive adaptive instrumentation of virtual machines to improve exploit detection
US9747446B1 (en) 2013-12-26 2017-08-29 Fireeye, Inc. System and method for run-time object classification
US9773112B1 (en) 2014-09-29 2017-09-26 Fireeye, Inc. Exploit detection of malware and malware families
US9825976B1 (en) 2015-09-30 2017-11-21 Fireeye, Inc. Detection and classification of exploit kits
US9824209B1 (en) 2013-02-23 2017-11-21 Fireeye, Inc. Framework for efficient security coverage of mobile software applications that is usable to harden in the field code
US9824216B1 (en) 2015-12-31 2017-11-21 Fireeye, Inc. Susceptible environment detection system
US9825989B1 (en) 2015-09-30 2017-11-21 Fireeye, Inc. Cyber attack early warning system
US9838417B1 (en) 2014-12-30 2017-12-05 Fireeye, Inc. Intelligent context aware user interaction for malware detection
US9888016B1 (en) 2013-06-28 2018-02-06 Fireeye, Inc. System and method for detecting phishing using password prediction
US9921978B1 (en) 2013-11-08 2018-03-20 Fireeye, Inc. System and method for enhanced security of storage devices
US9973531B1 (en) 2014-06-06 2018-05-15 Fireeye, Inc. Shellcode detection
US10027689B1 (en) 2014-09-29 2018-07-17 Fireeye, Inc. Interactive infection visualization for improved exploit detection and signature generation for malware and malware families
US10033747B1 (en) 2015-09-29 2018-07-24 Fireeye, Inc. System and method for detecting interpreter-based exploit attacks
US10050998B1 (en) 2015-12-30 2018-08-14 Fireeye, Inc. Malicious message analysis system
US10075455B2 (en) 2014-12-26 2018-09-11 Fireeye, Inc. Zero-day rotating guest image profile
US10084813B2 (en) 2014-06-24 2018-09-25 Fireeye, Inc. Intrusion prevention and remedy system
US10097573B1 (en) 2017-12-04 2018-10-09 Fireeye, Inc. Systems and methods for malware defense

Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4809160A (en) * 1985-10-28 1989-02-28 Hewlett-Packard Company Privilege level checking instruction for implementing a secure hierarchical computer system
US5560008A (en) * 1989-05-15 1996-09-24 International Business Machines Corporation Remote authentication and authorization in a distributed data processing system
US5727145A (en) * 1996-06-26 1998-03-10 Sun Microsystems, Inc. Mechanism for locating objects in a secure fashion
US5761421A (en) * 1996-03-25 1998-06-02 Sun Microsystems, Inc. System and method for secure peer-to-peer communication between downloaded programs
US5987608A (en) * 1997-05-13 1999-11-16 Netscape Communications Corporation Java security mechanism
US20020095578A1 (en) * 2000-11-22 2002-07-18 Asahiko Yamada System, method, and program for ensuring originality
US20020112179A1 (en) * 2000-03-30 2002-08-15 International Business Machines Corporation System, method and software for supplying activation information to a subsystem
US20020184520A1 (en) * 2001-05-30 2002-12-05 Bush William R. Method and apparatus for a secure virtual machine
US20030033539A1 (en) * 2001-07-20 2003-02-13 Lebin Cheng Mobile code security architecture in an application service provider environment
US20030226031A1 (en) * 2001-11-22 2003-12-04 Proudler Graeme John Apparatus and method for creating a trusted environment
US20040040017A1 (en) * 2002-08-22 2004-02-26 International Business Machines Corporation Method and apparatus for automatically determining optimum placement of privileged code locations in existing code
US20050108516A1 (en) * 2003-04-17 2005-05-19 Robert Balzer By-pass and tampering protection for application wrappers
US6986052B1 (en) * 2000-06-30 2006-01-10 Intel Corporation Method and apparatus for secure execution using a secure memory partition
US20060101407A1 (en) * 2004-10-25 2006-05-11 Microsoft Corporation Delegate registration in a managed code execution environment

Patent Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4809160A (en) * 1985-10-28 1989-02-28 Hewlett-Packard Company Privilege level checking instruction for implementing a secure hierarchical computer system
US5560008A (en) * 1989-05-15 1996-09-24 International Business Machines Corporation Remote authentication and authorization in a distributed data processing system
US5761421A (en) * 1996-03-25 1998-06-02 Sun Microsystems, Inc. System and method for secure peer-to-peer communication between downloaded programs
US5727145A (en) * 1996-06-26 1998-03-10 Sun Microsystems, Inc. Mechanism for locating objects in a secure fashion
US5987608A (en) * 1997-05-13 1999-11-16 Netscape Communications Corporation Java security mechanism
US20020112179A1 (en) * 2000-03-30 2002-08-15 International Business Machines Corporation System, method and software for supplying activation information to a subsystem
US6986052B1 (en) * 2000-06-30 2006-01-10 Intel Corporation Method and apparatus for secure execution using a secure memory partition
US20020095578A1 (en) * 2000-11-22 2002-07-18 Asahiko Yamada System, method, and program for ensuring originality
US20020184520A1 (en) * 2001-05-30 2002-12-05 Bush William R. Method and apparatus for a secure virtual machine
US20030033539A1 (en) * 2001-07-20 2003-02-13 Lebin Cheng Mobile code security architecture in an application service provider environment
US20030226031A1 (en) * 2001-11-22 2003-12-04 Proudler Graeme John Apparatus and method for creating a trusted environment
US20040040017A1 (en) * 2002-08-22 2004-02-26 International Business Machines Corporation Method and apparatus for automatically determining optimum placement of privileged code locations in existing code
US20050108516A1 (en) * 2003-04-17 2005-05-19 Robert Balzer By-pass and tampering protection for application wrappers
US20060101407A1 (en) * 2004-10-25 2006-05-11 Microsoft Corporation Delegate registration in a managed code execution environment

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
"Extensible Security Architectures for Java" , Dan S. Wallach et al. *
Wallach, et al., "Extensible security architectures for Java", ACM SIGOPS Operating Systems Review, Proceedings of the sixteenth ACM symposium on operating systems principles SOSP '97. ACM Press.

Cited By (113)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9189621B2 (en) 1996-11-08 2015-11-17 Finjan, Inc. Malicious mobile code runtime monitoring system and methods
US9444844B2 (en) 1996-11-08 2016-09-13 Finjan, Inc. Malicious mobile code runtime monitoring system and methods
US9219755B2 (en) 1996-11-08 2015-12-22 Finjan, Inc. Malicious mobile code runtime monitoring system and methods
US9661018B1 (en) 2004-04-01 2017-05-23 Fireeye, Inc. System and method for detecting anomalous behaviors using a virtual machine environment
US9912684B1 (en) 2004-04-01 2018-03-06 Fireeye, Inc. System and method for virtual analysis of network data
US8793787B2 (en) 2004-04-01 2014-07-29 Fireeye, Inc. Detecting malicious network content using virtual environment components
US9628498B1 (en) 2004-04-01 2017-04-18 Fireeye, Inc. System and method for bot detection
US9197664B1 (en) 2004-04-01 2015-11-24 Fire Eye, Inc. System and method for malware containment
US8881282B1 (en) 2004-04-01 2014-11-04 Fireeye, Inc. Systems and methods for malware attack detection and identification
US8898788B1 (en) 2004-04-01 2014-11-25 Fireeye, Inc. Systems and methods for malware attack prevention
US9591020B1 (en) 2004-04-01 2017-03-07 Fireeye, Inc. System and method for signature generation
US8984638B1 (en) 2004-04-01 2015-03-17 Fireeye, Inc. System and method for analyzing suspicious network data
US10027690B2 (en) 2004-04-01 2018-07-17 Fireeye, Inc. Electronic message analysis for malware detection
US9306960B1 (en) 2004-04-01 2016-04-05 Fireeye, Inc. Systems and methods for unauthorized activity defense
US9838411B1 (en) 2004-04-01 2017-12-05 Fireeye, Inc. Subscriber based protection system
US9516057B2 (en) 2004-04-01 2016-12-06 Fireeye, Inc. Systems and methods for computer worm defense
US20100192223A1 (en) * 2004-04-01 2010-07-29 Osman Abdoul Ismael Detecting Malicious Network Content Using Virtual Environment Components
US9027135B1 (en) 2004-04-01 2015-05-05 Fireeye, Inc. Prospective client identification using malware attack detection
US9356944B1 (en) 2004-04-01 2016-05-31 Fireeye, Inc. System and method for detecting malicious traffic using a virtual machine configured with a select software environment
US9106694B2 (en) 2004-04-01 2015-08-11 Fireeye, Inc. Electronic message analysis for malware detection
US10068091B1 (en) 2004-04-01 2018-09-04 Fireeye, Inc. System and method for malware containment
US9282109B1 (en) 2004-04-01 2016-03-08 Fireeye, Inc. System and method for analyzing packets
US9438622B1 (en) 2008-11-03 2016-09-06 Fireeye, Inc. Systems and methods for analyzing malicious PDF network content
US9118715B2 (en) * 2008-11-03 2015-08-25 Fireeye, Inc. Systems and methods for detecting malicious PDF network content
US8990939B2 (en) 2008-11-03 2015-03-24 Fireeye, Inc. Systems and methods for scheduling analysis of network content for malware
US8997219B2 (en) * 2008-11-03 2015-03-31 Fireeye, Inc. Systems and methods for detecting malicious PDF network content
US8850571B2 (en) 2008-11-03 2014-09-30 Fireeye, Inc. Systems and methods for detecting malicious network content
US20120222121A1 (en) * 2008-11-03 2012-08-30 Stuart Gresley Staniford Systems and Methods for Detecting Malicious PDF Network Content
US20110247072A1 (en) * 2008-11-03 2011-10-06 Stuart Gresley Staniford Systems and Methods for Detecting Malicious PDF Network Content
US9954890B1 (en) 2008-11-03 2018-04-24 Fireeye, Inc. Systems and methods for analyzing PDF documents
US20100115621A1 (en) * 2008-11-03 2010-05-06 Stuart Gresley Staniford Systems and Methods for Detecting Malicious Network Content
US8832829B2 (en) 2009-09-30 2014-09-09 Fireeye, Inc. Network-based binary file extraction and analysis for malware detection
US8935779B2 (en) 2009-09-30 2015-01-13 Fireeye, Inc. Network-based binary file extraction and analysis for malware detection
US20110078794A1 (en) * 2009-09-30 2011-03-31 Jayaraman Manni Network-Based Binary File Extraction and Analysis for Malware Detection
US8990944B1 (en) 2013-02-23 2015-03-24 Fireeye, Inc. Systems and methods for automatically detecting backdoors
US9792196B1 (en) 2013-02-23 2017-10-17 Fireeye, Inc. Framework for efficient security coverage of mobile software applications
US9225740B1 (en) 2013-02-23 2015-12-29 Fireeye, Inc. Framework for iterative analysis of mobile software applications
US9195829B1 (en) 2013-02-23 2015-11-24 Fireeye, Inc. User interface with real-time visual playback along with synchronous textual analysis log display and event/time index for anomalous behavior detection in applications
US9009822B1 (en) 2013-02-23 2015-04-14 Fireeye, Inc. Framework for multi-phase analysis of mobile applications
US9159035B1 (en) 2013-02-23 2015-10-13 Fireeye, Inc. Framework for computer application analysis of sensitive information tracking
US9176843B1 (en) 2013-02-23 2015-11-03 Fireeye, Inc. Framework for efficient security coverage of mobile software applications
US9594905B1 (en) 2013-02-23 2017-03-14 Fireeye, Inc. Framework for efficient security coverage of mobile software applications using machine learning
US9824209B1 (en) 2013-02-23 2017-11-21 Fireeye, Inc. Framework for efficient security coverage of mobile software applications that is usable to harden in the field code
US9367681B1 (en) 2013-02-23 2016-06-14 Fireeye, Inc. Framework for efficient security coverage of mobile software applications using symbolic execution to reach regions of interest within an application
US10019338B1 (en) 2013-02-23 2018-07-10 Fireeye, Inc. User interface with real-time visual playback along with synchronous textual analysis log display and event/time index for anomalous behavior detection in applications
US9009823B1 (en) 2013-02-23 2015-04-14 Fireeye, Inc. Framework for efficient security coverage of mobile software applications installed on mobile devices
US10025927B1 (en) 2013-03-13 2018-07-17 Fireeye, Inc. Malicious content analysis with multi-version application support within single operating environment
US9912698B1 (en) 2013-03-13 2018-03-06 Fireeye, Inc. Malicious content analysis using simulated user interaction without user involvement
US9626509B1 (en) 2013-03-13 2017-04-18 Fireeye, Inc. Malicious content analysis with multi-version application support within single operating environment
US9934381B1 (en) 2013-03-13 2018-04-03 Fireeye, Inc. System and method for detecting malicious activity based on at least one environmental property
US9104867B1 (en) 2013-03-13 2015-08-11 Fireeye, Inc. Malicious content analysis using simulated user interaction without user involvement
US9565202B1 (en) 2013-03-13 2017-02-07 Fireeye, Inc. System and method for detecting exfiltration content
US9355247B1 (en) 2013-03-13 2016-05-31 Fireeye, Inc. File extraction from memory dump for malicious content analysis
US9311479B1 (en) 2013-03-14 2016-04-12 Fireeye, Inc. Correlation and consolidation of analytic data for holistic view of a malware attack
US9430646B1 (en) 2013-03-14 2016-08-30 Fireeye, Inc. Distributed systems and methods for automatically detecting unknown bots and botnets
US9641546B1 (en) 2013-03-14 2017-05-02 Fireeye, Inc. Electronic device for aggregation, correlation and consolidation of analysis attributes
US9251343B1 (en) 2013-03-15 2016-02-02 Fireeye, Inc. Detecting bootkits resident on compromised computers
US9495180B2 (en) 2013-05-10 2016-11-15 Fireeye, Inc. Optimized resource allocation for virtual machines within a malware content detection system
US9635039B1 (en) 2013-05-13 2017-04-25 Fireeye, Inc. Classifying sets of malicious indicators for detecting command and control communications associated with malware
US10033753B1 (en) 2013-05-13 2018-07-24 Fireeye, Inc. System and method for detecting malicious activity and classifying a network communication based on different indicator types
US9536091B2 (en) 2013-06-24 2017-01-03 Fireeye, Inc. System and method for detecting time-bomb malware
US10083302B1 (en) 2013-06-24 2018-09-25 Fireeye, Inc. System and method for detecting time-bomb malware
US9888016B1 (en) 2013-06-28 2018-02-06 Fireeye, Inc. System and method for detecting phishing using password prediction
US9300686B2 (en) 2013-06-28 2016-03-29 Fireeye, Inc. System and method for detecting malicious links in electronic messages
US9888019B1 (en) 2013-06-28 2018-02-06 Fireeye, Inc. System and method for detecting malicious links in electronic messages
US9294501B2 (en) 2013-09-30 2016-03-22 Fireeye, Inc. Fuzzy hash of behavioral results
US9628507B2 (en) 2013-09-30 2017-04-18 Fireeye, Inc. Advanced persistent threat (APT) detection center
US9912691B2 (en) 2013-09-30 2018-03-06 Fireeye, Inc. Fuzzy hash of behavioral results
US9910988B1 (en) 2013-09-30 2018-03-06 Fireeye, Inc. Malware analysis in accordance with an analysis plan
US9171160B2 (en) 2013-09-30 2015-10-27 Fireeye, Inc. Dynamically adaptive framework and method for classifying malware using intelligent static, emulation, and dynamic analyses
US9690936B1 (en) 2013-09-30 2017-06-27 Fireeye, Inc. Multistage system and method for analyzing obfuscated content for malware
US9736179B2 (en) 2013-09-30 2017-08-15 Fireeye, Inc. System, apparatus and method for using malware analysis results to drive adaptive instrumentation of virtual machines to improve exploit detection
US9921978B1 (en) 2013-11-08 2018-03-20 Fireeye, Inc. System and method for enhanced security of storage devices
US9189627B1 (en) 2013-11-21 2015-11-17 Fireeye, Inc. System, apparatus and method for conducting on-the-fly decryption of encrypted objects for malware detection
US9560059B1 (en) 2013-11-21 2017-01-31 Fireeye, Inc. System, apparatus and method for conducting on-the-fly decryption of encrypted objects for malware detection
US9756074B2 (en) 2013-12-26 2017-09-05 Fireeye, Inc. System and method for IPS and VM-based detection of suspicious objects
US9306974B1 (en) 2013-12-26 2016-04-05 Fireeye, Inc. System, apparatus and method for automatically verifying exploits within suspect objects and highlighting the display information associated with the verified exploits
US9747446B1 (en) 2013-12-26 2017-08-29 Fireeye, Inc. System and method for run-time object classification
US9262635B2 (en) 2014-02-05 2016-02-16 Fireeye, Inc. Detection efficacy of virtual machine-based analysis with application specific events
US9916440B1 (en) 2014-02-05 2018-03-13 Fireeye, Inc. Detection efficacy of virtual machine-based analysis with application specific events
US9241010B1 (en) 2014-03-20 2016-01-19 Fireeye, Inc. System and method for network behavior detection
US9591015B1 (en) 2014-03-28 2017-03-07 Fireeye, Inc. System and method for offloading packet processing and static analysis operations
US9787700B1 (en) 2014-03-28 2017-10-10 Fireeye, Inc. System and method for offloading packet processing and static analysis operations
US9432389B1 (en) 2014-03-31 2016-08-30 Fireeye, Inc. System, apparatus and method for detecting a malicious attack based on static analysis of a multi-flow object
US9223972B1 (en) 2014-03-31 2015-12-29 Fireeye, Inc. Dynamically remote tuning of a malware content detection system
US9594912B1 (en) 2014-06-06 2017-03-14 Fireeye, Inc. Return-oriented programming detection
US9973531B1 (en) 2014-06-06 2018-05-15 Fireeye, Inc. Shellcode detection
US9438623B1 (en) 2014-06-06 2016-09-06 Fireeye, Inc. Computer exploit detection using heap spray pattern matching
US10084813B2 (en) 2014-06-24 2018-09-25 Fireeye, Inc. Intrusion prevention and remedy system
US9398028B1 (en) 2014-06-26 2016-07-19 Fireeye, Inc. System, device and method for detecting a malicious attack based on communcations between remotely hosted virtual machines and malicious web servers
US9661009B1 (en) 2014-06-26 2017-05-23 Fireeye, Inc. Network-based malware detection
US9838408B1 (en) 2014-06-26 2017-12-05 Fireeye, Inc. System, device and method for detecting a malicious attack based on direct communications between remotely hosted virtual machines and malicious web servers
US9609007B1 (en) 2014-08-22 2017-03-28 Fireeye, Inc. System and method of detecting delivery of malware based on indicators of compromise from different sources
US10027696B1 (en) 2014-08-22 2018-07-17 Fireeye, Inc. System and method for determining a threat based on correlation of indicators of compromise from other sources
US9363280B1 (en) 2014-08-22 2016-06-07 Fireeye, Inc. System and method of detecting delivery of malware using cross-customer data
US9773112B1 (en) 2014-09-29 2017-09-26 Fireeye, Inc. Exploit detection of malware and malware families
US10027689B1 (en) 2014-09-29 2018-07-17 Fireeye, Inc. Interactive infection visualization for improved exploit detection and signature generation for malware and malware families
US9690933B1 (en) 2014-12-22 2017-06-27 Fireeye, Inc. Framework for classifying an object as malicious with machine learning for deploying updated predictive models
US10075455B2 (en) 2014-12-26 2018-09-11 Fireeye, Inc. Zero-day rotating guest image profile
US9838417B1 (en) 2014-12-30 2017-12-05 Fireeye, Inc. Intelligent context aware user interaction for malware detection
US9690606B1 (en) 2015-03-25 2017-06-27 Fireeye, Inc. Selective system call monitoring
US9438613B1 (en) 2015-03-30 2016-09-06 Fireeye, Inc. Dynamic content activation for automated analysis of embedded objects
US9846776B1 (en) 2015-03-31 2017-12-19 Fireeye, Inc. System and method for detecting file altering behaviors pertaining to a malicious attack
US9483644B1 (en) 2015-03-31 2016-11-01 Fireeye, Inc. Methods for detecting file altering malware in VM based analysis
US9594904B1 (en) 2015-04-23 2017-03-14 Fireeye, Inc. Detecting malware based on reflection
US9785783B2 (en) * 2015-07-23 2017-10-10 Ca, Inc. Executing privileged code in a process
US20170024571A1 (en) * 2015-07-23 2017-01-26 Ca, Inc. Executing privileged code in a process
US10033747B1 (en) 2015-09-29 2018-07-24 Fireeye, Inc. System and method for detecting interpreter-based exploit attacks
US9825976B1 (en) 2015-09-30 2017-11-21 Fireeye, Inc. Detection and classification of exploit kits
US9825989B1 (en) 2015-09-30 2017-11-21 Fireeye, Inc. Cyber attack early warning system
US10050998B1 (en) 2015-12-30 2018-08-14 Fireeye, Inc. Malicious message analysis system
US9824216B1 (en) 2015-12-31 2017-11-21 Fireeye, Inc. Susceptible environment detection system
US10097573B1 (en) 2017-12-04 2018-10-09 Fireeye, Inc. Systems and methods for malware defense

Similar Documents

Publication Publication Date Title
Yip et al. Improving application security with data flow assertions
Bugiel et al. Xmandroid: A new android evolution to mitigate privilege escalation attacks
US5956481A (en) Method and apparatus for protecting data files on a computer from virus infection
Phung et al. Lightweight self-protecting JavaScript
US7506170B2 (en) Method for secure access to multiple secure networks
Hedin et al. JSFlow: Tracking information flow in JavaScript and its APIs
US8789172B2 (en) Methods, media, and systems for detecting attack on a digital processing device
Pietraszek et al. Defending against injection attacks through context-sensitive string evaluation
US7836504B2 (en) On-access scan of memory for malware
Zhu et al. TaintEraser: Protecting sensitive data leaks using application-level taint tracking
US20100122313A1 (en) Method and system for restricting file access in a computer system
Yin et al. Panorama: capturing system-wide information flow for malware detection and analysis
US20060075492A1 (en) Access authorization with anomaly detection
US7870610B1 (en) Detection of malicious programs
Seacord Secure Coding in C and C++
US20090232300A1 (en) Securing data using integrated host-based data loss agent with encryption detection
Xu et al. Towards a VMM-based usage control framework for OS kernel integrity protection
Gong Java security architecture (JDK 1.2)
US20110239306A1 (en) Data leak protection application
US20050055565A1 (en) Reviewing the security of trusted software components
Bacon et al. Information flow control for secure cloud computing
US20080104665A1 (en) Analyzing access control configurations
US7039801B2 (en) System and method for integrating secure and non-secure software objects
US20040040017A1 (en) Method and apparatus for automatically determining optimum placement of privileged code locations in existing code
US7076557B1 (en) Applying a permission grant set to a call stack during runtime

Legal Events

Date Code Title Description
AS Assignment

Owner name: ADOBE SYSTEMS, INCORPORATED, CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:PETERSEN, SCOTT E.;REEL/FRAME:016657/0208

Effective date: 20050601

FPAY Fee payment

Year of fee payment: 4

AS Assignment

Owner name: ADOBE SYSTEMS INCORPORATED, CALIFORNIA

Free format text: CORRECTIVE ASSIGNMENT TO CORRECT THE ASSIGNEE NAME PREVIOUSLY RECORDED AT REEL: 016657 FRAME: 0208.ASSIGNOR(S) HEREBY CONFIRMS THE ASSIGNMENT;ASSIGNOR:PETERSEN, SCOTT E;REEL/FRAME:037463/0411

Effective date: 20050601